Nixpkgs security tracker
Untriaged
Permalink
CVE-2024-6239
7.5 HIGH
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): LOW
- Privileges required (PR): NONE
- User interaction (UI): NONE
- Scope (S): UNCHANGED
- Confidentiality impact (C): NONE
- Integrity impact (I): NONE
- Availability impact (A): HIGH
Poppler: pdfinfo: crash in broken documents when using -dests parameter
A flaw was found in the Poppler's Pdfinfo utility. This issue occurs when using -dests parameter with pdfinfo utility. By using certain malformed input files, an attacker could cause the utility to crash, leading to a denial of service.
References
Affected products
poppler
- *
- =<24.06.1
compat-poppler022
gimp:flatpak/poppler
- *
inkscape:flatpak/poppler
- *
libreoffice:flatpak/poppler
- *
Matching in nixpkgs
pkgs.poppler
PDF rendering library
pkgs.poppler_gi
PDF rendering library
pkgs.poppler_min
PDF rendering library
pkgs.poppler_data
Encoding files for Poppler, a PDF rendering library
pkgs.poppler_utils
PDF rendering library
pkgs.libsForQt5.poppler
PDF rendering library
-
nixos-unstable qt5-24.02.0
- nixpkgs-unstable qt5-24.02.0
- nixos-unstable-small qt5-24.02.0
pkgs.kdePackages.poppler
PDF rendering library
-
nixos-unstable qt6-24.02.0
- nixpkgs-unstable qt6-24.02.0
- nixos-unstable-small qt6-24.02.0
pkgs.qt6Packages.poppler
PDF rendering library
-
nixos-unstable qt6-24.02.0
- nixpkgs-unstable qt6-24.02.0
- nixos-unstable-small qt6-24.02.0
pkgs.plasma5Packages.poppler
PDF rendering library
-
nixos-unstable qt5-24.02.0
- nixpkgs-unstable qt5-24.02.0
- nixos-unstable-small qt5-24.02.0
pkgs.haskellPackages.gi-poppler
Poppler bindings
pkgs.python311Packages.poppler-qt5
None
-
nixos-unstable qt5-21.3.0
- nixpkgs-unstable qt5-21.3.0
- nixos-unstable-small qt5-21.3.0
pkgs.python312Packages.poppler-qt5
None
-
nixos-unstable qt5-21.3.0
- nixpkgs-unstable qt5-21.3.0
- nixos-unstable-small qt5-21.3.0
pkgs.python311Packages.python-poppler
Python binding to poppler-cpp
pkgs.python312Packages.python-poppler
Python binding to poppler-cpp
pkgs.tests.pkg-config.defaultPkgConfigPackages.poppler-glib
Test whether poppler-glib-24.02.0 exposes pkg-config modules poppler-glib
Package maintainers
-
@ttuegel Thomas Tuegel <ttuegel@mailbox.org>
-
@jtojnar Jan Tojnar <jtojnar@gmail.com>
-
@onny Jonas Heinrich <onny@project-insanity.org>